[Twisted-Python] smtp-server: issue with checkers.FilePasswordDB and hash
ltaylor.volks at gmail.com
Mon Apr 5 00:01:01 EDT 2010
On 4/4/10 5:41 PM, aleuser at inwind.it wrote:
> Hi all,
> I use FilePasswordDB with a small smtp-server (a very small toy), but when
> I use the hash function the authentication doesn't work.
> Here few lines of code:
> def _hash(name, clearpsw, hashedpsw):
> # a very simple hash function ?
> return md5.md5(clearpsw).hexdigest()
> # return 'aa'
> # doesn't work; password file content is correctly "hashed"
> smtpusers = checkers.FilePasswordDB('smtppasswords.txt', caseSensitive=True,
> hash=_hash, cache=True)
> # work! in the file the passwords are in plain text
> #smtpusers = checkers.FilePasswordDB('smtppasswords.txt', caseSensitive=True,
> mailservice = mail.MailService()
> smtpserver = mailservice.getESMTPFactory()
> application = service.Application("Console SMTP Server")
> internet.TCPServer(SMTP_PORT, smtpserver).setServiceParent(application)
> The error is:
> Failure: twisted.cred.error.UnhandledCredentials: No checker for twisted.cred.
> Obviously FilePasswordDB doesn't provide that credential when there is the
> hash function; why smtp connection is hashed and not in plaintext? How can I
> get it works?
> I found a similar question, with no answer:
Can't say for sure without a full example, but it looks like you are
providing an instance of credentials.UsernameHashedPassword to
portal.login when you should be providing a credentials.UsernamePassword
If you provide a hash function to FilePasswordDB, it only accepts
IUsernamePassword credentials. The hash function is for plaintext
passwords that need to be validated against a hashed password file.
If your passwords are already hashed before they are sent to the server
for authentication, then there is no need for a hash function.
FilePasswordDB will accept either IUsernamePassword or
The source comments make it a bit clearer:
More information about the Twisted-Python